A Web browser handles the non-repudiation and encryption of a message using a smart card just as when using the technology on a desktop computer, except the private key is stored on the card. Software will require a passphrase (or biometrics) to access the private key; hence we have something the user knows -- passphrase and something he has -- the card. There is no fundamental difference between a smart card and window message client except that a person can carry his smart card from computer to computer, making his identity more portable (not tied to a particular desktop or notebook PC).
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.